HPE Community
Operating System - HP-UX
1836358 Members
2539 Online
110100 Solutions
New Discussion

two questions with regards accounts on the trusted server

 
Hanry Zhou
Super Advisor

‎06-17-2008 07:29 AM

‎06-17-2008 07:29 AM

two questions with regards accounts on the trusted server

1. how can I tell if "sys", "bin"... accounts are disabled or not?

2. currently root only be allowed to get in via another regular user account by "su", but where exactly is this function being set? we are not using /etc/security...

Thanks,
none
0 Kudos
Reply
3 REPLIES 3
Steven E. Protter
Exalted Contributor

‎06-17-2008 07:52 AM

‎06-17-2008 07:52 AM

Re: two questions with regards accounts on the trusted server

Shalom,

1) Check the shell entry in /etc/passwd
Don't mess with either or your system might cease doing productive work.

2) /etc/pam.d/system-auth and/or su in the same directory.

SEP

Steven E Protter
Owner of ISN Corporation
http://isnamerica.com
http://hpuxconsulting.com
Sponsor: http://hpux.ws
Twitter: http://twitter.com/hpuxlinux
Founder http://newdatacloud.com
0 Kudos
Reply
Hanry Zhou
Super Advisor

‎06-17-2008 07:59 AM

‎06-17-2008 07:59 AM

Re: two questions with regards accounts on the trusted server

I wanted to add more infor on my 2nd question.

Currently, the root is being set to log into the system by su from a regular user, and the audting person wants to show her that is the case on this system. I only tell her this is required by the trusted system.

Is there any field or command I can prove that?

none
0 Kudos
Reply
Tim Nelson
Honored Contributor

‎06-17-2008 11:55 AM

‎06-17-2008 11:55 AM

Re: two questions with regards accounts on the trusted server

1) getprpw sys
getprpw bin

2) root retriction possibilities are
/etc/securetty ( restrict direct telnet for root, does not apply to exec, ssh, remsh...)
/etc/profile ( possible root user ID check for tty )
/.profile ( same as above)

0 Kudos
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.